Security Holes That Run Deep

Security Holes That Run Deep
Mark Burnett, 2004-12-20

How a seemingly simply Microsoft bug betrayed its author's disdain for a wide range of secure coding principles.

Failing Open vs. Closed 2004-12-22
Andy S.

Some systems are configured out of the box to allow acess to all configured resources unless a rule is put in place to block access. I can't think a webserver that doesn't enforce this as its basic policy. All all by default unless told otherwise.

Other systems default closed. Some firewalls, ...

[ more ]